s4:librpc: Fix leak
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Mon, 6 Nov 2023 23:16:12 +0000 (12:16 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 9 Nov 2023 08:00:30 +0000 (08:00 +0000)
We should not leak error messages returned by sddl_decode_err_msg().

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/librpc/ndr/py_security.c

index 74f323c3f562bb5689a37038a62b88f0db4e51a7..5f185b69bed99a55b5635514c323162627f9945c 100644 (file)
@@ -272,6 +272,7 @@ static PyObject *py_descriptor_new(PyTypeObject *self, PyObject *args, PyObject
 
 static PyObject *py_descriptor_from_sddl(PyObject *self, PyObject *args)
 {
+       TALLOC_CTX *tmp_ctx = NULL;
        struct security_descriptor *secdesc;
        char *sddl;
        PyObject *py_sid;
@@ -291,7 +292,13 @@ static PyObject *py_descriptor_from_sddl(PyObject *self, PyObject *args)
 
        sid = pytalloc_get_ptr(py_sid);
 
-       secdesc = sddl_decode_err_msg(NULL, sddl, sid,
+       tmp_ctx = talloc_new(NULL);
+       if (tmp_ctx == NULL) {
+               PyErr_NoMemory();
+               return NULL;
+       }
+
+       secdesc = sddl_decode_err_msg(tmp_ctx, sddl, sid,
                                      &err_msg, &err_msg_offset);
        if (secdesc == NULL) {
                PyObject *exc = NULL;
@@ -315,14 +322,19 @@ static PyObject *py_descriptor_from_sddl(PyObject *self, PyObject *args)
                                    err_msg_offset,
                                    sddl);
                if (exc == NULL) {
+                       talloc_free(tmp_ctx);
                        /* an exception was set by Py_BuildValue() */
                        return NULL;
                }
                PyErr_SetObject(PyExc_SDDLValueError, exc);
                Py_DECREF(exc);
+               talloc_free(tmp_ctx);
                return NULL;
        }
 
+       secdesc = talloc_steal(NULL, secdesc);
+       talloc_free(tmp_ctx);
+
        return pytalloc_steal((PyTypeObject *)self, secdesc);
 }
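Review bot: On the success path at the end of py_descriptor_from_sddl(), `secdesc = talloc_steal(NULL, secdesc);` reparents the descriptor onto the NULL context before `pytalloc_steal()` runs, so if that call returns NULL the descriptor appears to be left with no owner and is leaked. pytalloc_steal()'s body is not visible in this diff, so this assumes it does not free its argument on failure. Keeping the descriptor under tmp_ctx until the wrapper has taken it would let every exit path release whatever was not handed over: `PyObject *ret = pytalloc_steal((PyTypeObject *)self, secdesc);`, then `talloc_free(tmp_ctx);`, then `return ret;`. This relies on pytalloc_steal() moving the pointer off tmp_ctx on success, which is worth confirming. The function starts outside this hunk, so the argument parsing and the Py_BuildValue() call that reads err_msg were not reviewed here.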